Clerk is the easiest way to add authentication and user management to your application. To gain a better understanding of the Clerk Backend API, refer to the Backend API documentation.
Clerk Backend API: The Clerk REST Backend API, meant to be accessed by backend servers.
When the API changes in a way that isn't compatible with older versions, a new version is released.
Each version is identified by its release date, e.g. 2021-02-05. For more information, please see Clerk API Versions.
Please see https://clerk.com/docs for more information.
More information about the API can be found at https://clerk.com/docs
- SDK Installation
- Usage
- SDK Example Usage
- Available Resources and Operations
- Error Handling
- Server Selection
The SDK relies on Composer to manage its dependencies.
To install the SDK and add it as a dependency to an existing composer.json file:
composer require "clerk/backend-php"Retrieve your Backend API key from the API Keys screen in your Clerk dashboard and set it as an environment variable in a .env file:
CLERK_PUBLISHABLE_KEY=pk_*******
CLERK_SECRET_KEY=sk_******declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->emailAddresses->get(
emailAddressId: '<id>'
);
if ($response->emailAddress !== null) {
// handle response
}Available methods
- listAllowlistIdentifiers - List all identifiers on the allow-list
- createAllowlistIdentifier - Add identifier to the allow-list
- createBlocklistIdentifier - Add identifier to the block-list
- deleteBlocklistIdentifier - Delete identifier from block-list
- delete - Delete identifier from allow-list
- updateInstanceSettings - Update instance settings
updateDomain- Update production instance domain⚠️ Deprecated- changeProductionInstanceDomain - Update production instance domain
- list - List all identifiers on the block-list
- list - List all instance domains
- add - Add a domain
- delete - Delete a satellite domain
- update - Update a domain
- create - Create an email address
- get - Retrieve an email address
- delete - Delete an email address
- update - Update an email address
upsert- Update a template for a given type and slug⚠️ Deprecated
list- List all templates⚠️ Deprecatedrevert- Revert a template⚠️ Deprecatedget- Retrieve a template⚠️ DeprecatedtoggleTemplateDelivery- Toggle the delivery by Clerk for a template of a given type and slug⚠️ Deprecated
- update - Update instance settings
- updateRestrictions - Update instance restrictions
- updateOrganizationSettings - Update instance organization settings
- get - Retrieve the JSON Web Key Set of the instance
- list - List all templates
- create - Create a JWT template
- get - Retrieve a template
- update - Update a JWT template
- delete - Delete a Template
- getInterstitial - Returns the markup for the interstitial page
- list - Get a list of OAuth applications for an instance
- create - Create an OAuth application
- get - Retrieve an OAuth application by ID
- update - Update an OAuth application
- delete - Delete an OAuth application
- rotateSecret - Rotate the client secret of the given OAuth application
- update - Update an organization domain.
- create - Create a new organization domain.
- list - Get a list of all domains of an organization.
- delete - Remove a domain from an organization.
- getAll - Get a list of organization invitations for the current instance
- create - Create and send an organization invitation
- list - Get a list of organization invitations
- bulkCreate - Bulk create and send organization invitations
listPending- Get a list of pending organization invitations⚠️ Deprecated- get - Retrieve an organization invitation by ID
- revoke - Revoke a pending organization invitation
- create - Create a new organization membership
- list - Get a list of all members of an organization
- update - Update an organization membership
- delete - Remove a member from an organization
- updateMetadata - Merge and update organization membership metadata
- getAll - Get a list of all organization memberships within an instance.
- list - Get a list of organizations for an instance
- create - Create an organization
- get - Retrieve an organization by ID or slug
- update - Update an organization
- delete - Delete an organization
- mergeMetadata - Merge and update metadata for an organization
- uploadLogo - Upload a logo for the organization
- deleteLogo - Delete the organization's logo.
- create - Create a phone number
- get - Retrieve a phone number
- delete - Delete a phone number
- update - Update a phone number
- verify - Verify the proxy configuration for your domain
- list - List all redirect URLs
- list - Get a list of SAML Connections for an instance
- create - Create a SAML Connection
- get - Retrieve a SAML Connection by ID
- update - Update a SAML Connection
- delete - Delete a SAML Connection
- list - List all sessions
- get - Retrieve a session
- revoke - Revoke a session
verify- Verify a session⚠️ Deprecated- createTokenFromTemplate - Create a session token from a jwt template
- update - Update a sign-up
preview- Preview changes to a template⚠️ Deprecated
- create - Retrieve a new testing token
- list - List all users
- create - Create a new user
- count - Count users
- get - Retrieve a user
- update - Update a user
- delete - Delete a user
- ban - Ban a user
- unban - Unban a user
- lock - Lock a user
- unlock - Unlock a user
- setProfileImage - Set user profile image
- deleteProfileImage - Delete user profile image
- updateMetadata - Merge and update a user's metadata
- getOAuthAccessToken - Retrieve the OAuth access token of a user
- getOrganizationMemberships - Retrieve all memberships for a user
- getOrganizationInvitations - Retrieve all invitations for a user
- verifyPassword - Verify the password of a user
- verifyTOTP - Verify a TOTP or backup code for a user
- disableMFA - Disable a user's MFA methods
- deleteBackupCodes - Disable all user's Backup codes
- deletePasskey - Delete a user passkey
- deleteWeb3Wallet - Delete a user web3 wallet
- createTOTP - Create a TOTP for a user
- deleteTotp - Delete all the user's TOTPs
- deleteExternalAccount - Delete External Account
- createSvixApp - Create a Svix app
- deleteSvixApp - Delete a Svix app
- generateSvixAuthURL - Create a Svix Dashboard URL
Handling errors in this SDK should largely match your expectations. All operations return a response object or throw an exception.
By default an API error will raise a Errors\SDKException exception, which has the following properties:
| Property | Type | Description |
|---|---|---|
$message |
string | The error message |
$statusCode |
int | The HTTP status code |
$rawResponse |
?\Psr\Http\Message\ResponseInterface | The raw HTTP response |
$body |
string | The response content |
When custom error responses are specified for an operation, the SDK may also throw their associated exception. You can refer to respective Errors tables in SDK docs for more details on possible exception types for each operation. For example, the verify method throws the following exceptions:
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors1 | 400, 401, 404 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
try {
$request = new Operations\VerifyClientRequestBody();
$response = $sdk->clients->verify(
request: $request
);
if ($response->client !== null) {
// handle response
}
} catch (Errors\ClerkErrors1Throwable $e) {
// handle $e->$container data
throw $e;
} catch (Errors\SDKException $e) {
// handle default exception
throw $e;
}You can override the default server globally by passing a server index to the server_idx: int optional parameter when initializing the SDK client instance. The selected server will then be used as the default on the operations that use it. This table lists the indexes associated with the available servers:
| # | Server | Variables |
|---|---|---|
| 0 | https://api.clerk.com/v1 |
None |
The default server can also be overridden globally by passing a URL to the server_url: str optional parameter when initializing the SDK client instance. For example:
This SDK is in beta, and there may be breaking changes between versions without a major version update. Therefore, we recommend pinning usage to a specific package version. This way, you can install the same version each time without breaking changes unless you are intentionally looking for the latest version.
You can get in touch with us in any of the following ways:
- Join the official community Clerk Discord server
- Create a GitHub Discussion
- Contact options listed on Clerk Support page
We're open to all community contributions!
@clerk/backend-php follows good practices of security, but 100% security cannot be assured.
@clerk/backend-php is provided "as is" without any warranty. Use at your own risk.
For more information and to report security issues, please refer to the security documentation.
This project is licensed under the MIT license.
See LICENSE for more information.